Late Tuesday, Carbon Copy Cloner, the shareware favorite for drive cloning operations by Mike Bombich, reached version 3.4.5. The new version, a 6.5 megabyte download, adds the following fixes and changes:

– Fixed a minor timing issue that would prevent CCC from finishing the submission of an email notification when a scheduled task was configured to sleep or shut down the Mac.

– Fixed an issue in which non-ASCII characters would be improperly displayed during the backup task (this was only a cosmetic problem).

– Fixed an issue in which CCC would occasionally not retain the user’s last choice in the preset configurations menu.

– Growl notifications should be a bit more consistent on Lion.

– In anticipation of Mountain Lion’s requirement that I use Apple’s code signing certificate to sign my application, this version of CCC will migrate entries in the CCC private keychain to a new keychain. I have leveraged codesigning in CCC for almost 5 years and recently started to rely on it to have access to keychain entries without annoying the end user for permission to do so. Switching code signing certificates at this point invalidates the keychain item access control lists that I previously applied, forcing me to migrate the keychain or face losing access to those keychain items. When you launch this new version of CCC, you’ll see a progress panel that indicates that CCC is migrating the keychain. This should be fast and eventless. If you see a dialog from the system asking you to grant CCC access to a keychain item, however, it is imperative that you click on “Allow” to give CCC access to those keychain items.

– In earlier versions of CCC, when an encrypted disk image’s passphrase keychain entry was updated by the scheduled task helper application, access to that keychain item would be limited to only the scheduled task helper application. Subsequent ad hoc attempts to back up to the encrypted disk image (e.g. in CCC’s main window) would result in a request to grant CCC access to the keychain item. This update fixes that access limitation.

– Fixed a bug in which CCC would not properly set the modification date on files copied to SMB shares hosted by some versions of Windows. This would result in CCC wanting to recopy every file to the destination on subsequent backups.

– Reverted to the pre-3.4.4 behavior of automatically running a scheduled task upon wake if the task missed a scheduled run time during sleep. If you would prefer that CCC automatically skip tasks missed during sleep, drop me a line on the Help Desk, there is a hidden setting that will accommodate this preference.

– In previous versions, CCC might report that a source or destination folder on a network volume does not exist, when it plainly does. CCC now appropriately handles the permissions limitation that led to this errant message.

– Fixed an issue in which extended attributes may be recopied to some non-HFS destinations every time a backup task runs.

– Fixed a couple issues that could result in a crash.

– Fixed an issue in which CCC would hang on launch if there is a corrupted scheduled task configuration file present. Now that corruption is detected and these files are removed.

– Fixed an issue in which the “Reschedule all future events for this time of day” setting did not work for tasks configured to run weekly or monthly.

– Fixed an issue in which weekly and monthly tasks scheduled with a start date prior to the Daylight Saving Time switch and a start time within the “lost hour” would run multiple times a day.

– Scheduled tasks can now mount the underlying network volume for a source volume that is a disk image.

– Fixed an anomaly with progress indication in which the progress indicator would jump wildly if the user ran a task with exclusions, then another task without exclusions.

– Scheduled tasks will now reschedule themselves when the system time zone is changed. If a task was scheduled for 2PM Eastern time and you change the time zone to Pacific time, the task should run at 2PM Pacific time. This functionality is only partially available to Tiger users. Tiger doesn’t offer “time zone changed” notifications, so the currently-scheduled task will only be rescheduled upon wake, or when the task is reloaded.

– Some of the postflight cleanup tasks that are required for making a clone of Mac OS X bootable were getting skipped when minor transfer errors occurred. These tasks will now run regardless of minor transfer errors, so the destination volume should be bootable even when minor errors occur (assuming there aren’t any other hardware compatibility problems).

Per Russian security company Dr. Web and Macworld, the Mac Flashback Trojan horse was still installed on more than half a million Apple computers late last week and is declining only slowly.

Although all security companies now agree that the best days for Flashback (or “Flashflake”) are now behind it, the new numbers suggest a greater level of infection than that has been reported by rivals.

Measured by UUID device identifiers, Dr. Web now believes that at its greatest extent, the bot controlled around 817,000 machines, with an average of 550,000 contacting the command and control servers during any 24-hour period.

By April 19, the bot was communicating with 566,000 Macs, down from 673,000 three days earlier, still considerably higher than Symantec’s estimate last week that the bot’s size had shrunk to 270,000 infected systems, and Kaspersky’s figure of 237,000 on April 14 and 15.

Some of the confusion could be down to measuring the bot using either IP addresses or device IDs (UUIDs), and doing so at different points in time.

However, Dr. Web thinks it has a better explanation for the understands this discrepancy, which, it said, has to do with attempts by an unnamed entity (presumably a security company) to block the bot’s activity.

Infected bots had been connecting to a server at 74.207.249.7, which was putting them into a suspended state. All machines doing this would no longer be able to communicate and be registered as ‘active’ by security company sinkholes despite still being infected.

“This is the cause of controversial statistics on one hand, Symantec and Kaspersky Lab reported a significant decline in the number of Backdoor.Flashback.39 bots, on the other hand, Dr. Web repeatedly indicated a far greater number of bots which didn’t tend to decline considerably,” the company argued.

At least one security company—Mac security specialist Intego—agrees with Dr. Web’s contention that Flashback’s infection numbers have recently been underestimated.

“Intego has analyzed the malware, and, following discussions with other security companies, has determined that not only are these numbers [the lower estimates] incorrect, they are underestimating the number of infected Macs,” the company announced in a Friday blog post.

If this is correct, it does at least mean that while infected, these machines are now dormant and presumably beyond the control of the bot controllers.

On Friday, Kaspersky offered more information on how the malware was able to infect its victims through WordPress blog sites that had been compromised to host a malware redirection script.

Stay tuned for additional details and if you haven’t downloaded the latest security updates through Mac OS X’s built-in Software Update feature to help nix the Flashback malware on your Mac.

Per AppleInsider, Apple this week seeded its developer community with the fourth build of OS X 10.7.4, the upcoming maintenance update for its Lion operating system.

Sources familiar with the latest build said it is labeled as “11E52.” The download is said to be more than 700 megabytes in its delta form, while the combo update is nearly 1.5 gigabytes.

There are reportedly no known issues with the latest build of Lion. Developers have been asked to focus on Graphics, iCal, Mail, Printing, and Time Machine.

Registered Mac developers can contain the pre-release software for testing from Apple’s official Developer Center website.

The release of “11E52” comes less than two weeks after Apple seeded the third beta of OS X 10.7.4 to developers. That build also contained no known issues, and developers were asked to focus on the App Store, QuickTime, and Screen Sharing, in addition to Graphics, Mail and Time Machine. The first beta of the anticipated Lion update was delivered to developers in mid-March.

Stay tuned for additional details and if you’ve gotten your mitts on the new beta, please let us know what you make of it in the comments.